Banks and Customers Must Share the Burden to Ensure Secure Financial Transactions

Banks and their customers must share responsibilities to ensure the security, confidentiality and integrity of financial transactions.

Even as banks introduce increasingly sophisticated payments offerings, fraud in the space remains as much of a challenge as ever. And while criminals continue to develop ever-more complex schemes to outsmart banks' defenses, consumer demand for quick and convenient payments and service is intensifying, and regulatory requirements are growing more stringent. How can banks balance the need to provide customers with the latest payments products and services while preventing fraud? Where are the risks of payments fraud most acute, and what approaches are banks adopting to identify and prevent it? And what kinds of tools and technologies can best help banks meet both new regulatory mandates and new risks? --Peggy Bresnick Kendler

There's no singular solution in the battle against payments fraud -- even if there were, hackers would find a way around it. This has been evident as hundreds of corporate accounts have fallen prey to hackers looting companies' accounts, resulting in several high-profile lawsuits pitting banks and businesses against each other. Banks and their customers must share responsibilities to ensure the security, confidentiality and integrity of financial transactions. However, banks must take the lead with dynamic risk management strategies that layer administrative, technical and physical security controls.

Adhering to "Know Your Customer" techniques to assign the business a risk rating for determining appropriate security tactics and for setting appropriate exposure limits is essential. This approach also facilitates the efficient use of potentially costly security controls targeting situations/clients that will have the most effective impact.

Banks must stay vigilant in maintaining ongoing initiatives, including awareness of new vulnerabilities and risks, keeping policies/standards up to date, and conducting internal education. Strong agreements should clearly define the responsibilities of each party and the bank's right to audit the business' compliance with technology and security requirements. Proactive banks will partner with their customers by providing fraud analytic tools, education and best practices for web/PC use. Business user strategies -- such as dual control for transaction approval, limiting access to approved users and multiple authentication techniques for transactions -- also are critical.